I am currently at the point where I can get a token but I need a way to associate the token that I grabbed from tyk with the user that had to log in and confirm the authorization.

I thought this could probably be done with the webhook and "OAuth Notifications URL" feature, but I am a bit confused with how it works, but when I tried a login, it only returned the following information according to http://posttestserver.com/post.php.

When your application processes the login and posts the data to Tyk, it will get a redirect URI and an auth_code, the auth_code is unique to a) the client and b) the user that just agreed to give the client ID access.

When the user approves the app and you get the auth_code and redirect URI, before doing the redirect, store the auth code alongside your user record.

When Tyk then approves the auth c ode to generate the token, it sends you the data you mentioned: the auth ode and the two tokens, you can use the auth code to find your user, and then associate the tokens appropriately.

It will also post to you when the refresh token is used, so that you can update your user record.